Security Compliance Engineer
Location
Bracknell, Berkshire | United Kingdom
Job description
If you are a job seeker with a disability and require a reasonable accommodation to apply for one of our jobs, you will find the contact information to request the appropriate accommodation by visiting the following page:
Circana (formerly IRI and NPD) is the leading advisor on the complexity of consumer behavior. Through unparalleled technology, advanced analytics, cross-industry data and deep expertise, we provide clarity that helps almost 7,000 of the world’s leading brands and retailers take action and unlock business growth. At Circana, we are fueled by our passion for continuous learning and growth, we seek and share feedback freely, and we celebrate victories both big and small in an environment that is flexible and accommodating to our work and personal lives. Join our inclusive, committed team to be a challenger, own outcomes, and stay curious together.
The Security Compliance Engineer will analyze risks and help operate the enterprise security program. The position shall serve as a contributor to security assessments including controls assessments, vulnerability assessments, compliance assessments, certifications, and related initiatives.
Key Accountabilities
- Work with the Global CISO to ensure compliance of EMEA with global corporate security policies.
- Help perform risk assessments of IT assets
- Assist in the management of IT compliance with EMEA regulations (GDPR, data privacy, etc.).
- Support security incident response for the EMEA region and drive reporting, RCA and remediation follow-up.
- Start working and progressively driving towards compliance with ISO 27001 and SOC II standards, and work to achieve certification in the future, including initiating and/or supporting continuous improvement efforts and preventative and corrective action plans.
Main duties and responsibilities
- Help develop security policies and procedures to provide adequate business protection without interfering with core business requirements.
- Perform assessments; identify security threats and vulnerabilities across the enterprise; implement controls; provide reporting and analysis to appropriate teams for compliance
- Assist in compliance related activities, promote security practices and audit policies
- Review and take an ownership role in responding to customer audit requests and security surveys
- Take appropriate actions to safeguard company information assets against current and foreseen threats via governance and compliance
- Assist in the implementation of security programs: execute project deliverables as assigned
- Communicate to affected stakeholders including departments within the organization
- Communication and outreach: maintain communication with peers throughout the organization and security contacts including Business Units and subsidiary locations; disseminate information regarding security controls and newly identified risks for compliance
- Assess and measure security programs from a compliance perspective
- Remain current on industry standards for security compliance and programs
- Balance security compliance needs with the organization’s business plans, identify risk factors of non-compliance, and determine solutions to both.
- Communicate with the IT staff about security compliance issues
- Oversee any IT project to ensure compliance with Security Policies and best practices.
- Work interactively with Sales and Legal teams to review, edit, propose contract language and drive standardization
- Draft and champion forms, templates and processes to improve security compliance, efficiency and client satisfaction
- Assist in the maintenance and development of security commitments by contract and remain compliant with contracted security agreements.
- Conduct and assist in internal compliance audits to ensure that policies are being followed.
- Maintain current risk analysis of software, systems and data considering contractual requirements, legal requirements and the needs of the business.
Desired skills & experience
- 2 years’ experience in security management in either an IT Auditor or Security Engineer role, or both
- Minimum 1 year’s experience dealing with EU privacy regulation
- At least 1 year’s experience with GDPR law implementation and governance
- At least 1 year’s experience with ISO 27001 practices, audit process, compliance, requirements and responses
- SOC II audit (or equivalent) experience (not mandatory)
- Solid knowledge of infrastructure and security best practices and issues
- Solid understanding of, exposure to and 1 year’s experience with complex IT infrastructures, including Unix, Windows servers, networks and storage across multi-country sites
- Ability to document and understand complex multi-disciplinary problems.
- Any certification in security technologies, security auditing or PM is advantageous.
- Project management experience is advantageous.
- Excellent interpersonal and written communications skills required (including English)
- Excellent Communication skills with Internal and external teams
- Working across countries and cultures
- Practices in Change Management and Service Request review and approvals
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)